changed settings restore functionality for the browser.
Needs addition of rsync on VM and setup
2 # -*- coding: utf-8 -*-
4 # ------------------------------------------------------------
7 # the opensecurityd as RESTful server
9 # Autor: Oliver Maurhart, <oliver.maurhart@ait.ac.at>
10 # Mihai Bartha, <mihai.bartha@ait.ac.at>
12 # Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
19 # https://www.x-net.at
21 # AIT Austrian Institute of Technology
22 # Donau City Strasse 1
25 # http://www.ait.ac.at
28 # Licensed under the Apache License, Version 2.0 (the "License");
29 # you may not use this file except in compliance with the License.
30 # You may obtain a copy of the License at
32 # http://www.apache.org/licenses/LICENSE-2.0
34 # Unless required by applicable law or agreed to in writing, software
35 # distributed under the License is distributed on an "AS IS" BASIS,
36 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
37 # See the License for the specific language governing permissions and
38 # limitations under the License.
39 # ------------------------------------------------------------
42 # ------------------------------------------------------------
56 import __init__ as opensecurity
57 from cygwin import Cygwin
58 from environment import Environment
59 from opensecurity_util import logger, showTrayMessage
63 # ------------------------------------------------------------
66 """All the URLs we know mapping to class handler"""
68 '/browsing', 'os_browsing', # http://localhost:8080/browsing GET
69 '/fetch_initial_image', 'os_fetch_image', # http://localhost:8080/fetch_initial_image GET
70 '/init', 'os_init', # http://localhost:8080/init GET
71 '/initial_image', 'os_initial_image', # http://localhost:8080/initial_image GET
72 '/sdvms', 'os_sdvms', # http://localhost:8080/sdvms GET, PUT
73 '/sdvms/(.*)/application/(.*)', 'os_sdvm_application', # http://localhost:8080/sdvms/[VMNAME]/application/[COMMAND] GET
74 '/sdvms/(.*)/ip', 'os_sdvm_ip', # http://localhost:8080/sdvms/[VMNAME]/ip GET
75 '/sdvms/(.*)/start', 'os_sdvm_start', # http://localhost:8080/sdvms/[VMNAME]/start GET
76 '/sdvms/(.*)/stop', 'os_sdvm_stop', # http://localhost:8080/sdvms/[VMNAME]/stop GET
77 '/sdvms/(.*)', 'os_sdvm', # http://localhost:8080/sdvms/[VMNAME] GET, DELETE
78 '/setup', 'os_setup', # http://localhost:8080/setup GET
79 '/vms', 'os_vms', # http://localhost:8080/vms GET
80 '/vms/(.*)', 'os_vm', # http://localhost:8080/vms/[VMNAME] GET
81 '/update_template', 'os_update_template', # http://localhost:8080/update_template GET
82 '/terminate', 'os_terminate', # http://localhost:8080/terminate GET
83 '/initialize', 'os_initialize', # http://localhost:8080/initialize GET
84 '/', 'os_root' # http://localhost:8080/ GET
88 # ------------------------------------------------------------
91 # Global VMManager instance
98 # ------------------------------------------------------------
103 """OpenSecurity '/browsing' handler
105 - GET: Start and prepare a new SecurityVM for Internet Browsing. Return the name of the VM.
110 log_call(web.ctx.environ)
115 if 'ProxyServer' in args:
116 proxy = args['ProxyServer']
117 if 'ProxyAutoConfigURL' in args:
118 wpad = args['ProxyAutoConfigURL']
119 result = gvm_mgr.handleBrowsingRequest(proxy, wpad)
122 raise web.internalerror()
125 class os_fetch_image:
126 """OpenSecurity '/fetch_initial_image' handler
128 - GET: fetch the initial image from the X-Net Servers
129 The initial image is stored in the
130 Virtual Box default machine path.
131 The result to this call is a temprary file
132 which shows the progress (or error state)
138 log_call(web.ctx.environ)
141 trace_file_name = os.path.join(Environment('OpenSecurity').log_path, 'OpenSecurity_fetch_image.log')
142 trace_file = open(trace_file_name, 'w+')
144 machine_folder = Cygwin.cygPath(gvm_mgr.getMachineFolder())
145 download_initial_image_script = Cygwin.cygPath(os.path.abspath(os.path.join(os.path.split(__file__)[0], 'download_initial_image.sh')))
146 Cygwin.bashExecute('\\"' + download_initial_image_script + '\\" \'' + machine_folder + '\'', wait_return = False, stdout = trace_file, stderr = trace_file)
148 res = '{ "fetch_log": "' + trace_file_name.replace('\\', '\\\\') + '" }'
153 """OpenSecurity '/init' handler
155 - GET: Do initial import of OsecVM.ova
160 log_call(web.ctx.environ)
162 gvm_mgr.startInitialImport()
163 res = '{ "init_log": "' + (Environment('OpenSecurity').log_path+'\\OpenSecurity_initial_import.log').replace('\\', '\\\\') + '" }'
166 class os_update_template:
167 """OpenSecurity '/update_template' handler
169 - GET: update template vm
174 log_call(web.ctx.environ)
176 gvm_mgr.startUpdateTemplate()
177 res = '{ "init_log": "' + (Environment('OpenSecurity').log_path+'\\OpenSecurity_initial_import.log').replace('\\', '\\\\') + '" }'
180 class os_initial_image:
181 """OpenSecurity '/initial_image' handler
183 - GET: Return what we have as initial image.
187 log_call(web.ctx.environ)
189 t = os.path.join(gvm_mgr.systemProperties['Default machine folder'], 'OsecVM.ova')
191 if os.path.isfile(t):
192 res = '{"initial_template": { '
193 res += '"name": "OsecVM.ova", '
194 res += '"path": "' + t.replace('\\', '\\\\') + '", '
195 res += '"size": ' + str(os.path.getsize(t)) + ', '
196 res += '"date": ' + str(os.path.getmtime(t)) + ''
201 """OpenSecurity '/' handler
203 - GET: give information about current installation.
207 log_call(web.ctx.environ)
210 # create a json string and pretty print it
211 res = '{"os_server": { '
212 res += '"version": "' + opensecurity.__version__ + '" '
213 res += ', "virtual box systemproperties": ' + str(gvm_mgr.systemProperties).replace("'", '"')
214 res += ', "current temporary folder": "' + tempfile.gettempdir().replace('\\', '\\\\') + '"'
215 res += ', "current log folder": "' + Environment('OpenSecurity').log_path.replace('\\', '\\\\') + '"'
218 res += ', "whoami": "' + Cygwin.bashExecute('whoami')[1].strip() + '"'
220 res += ', "whoami": "FAILED"'
223 res += ', "mount": ' + str(Cygwin.bashExecute('mount')[1].split('\n')[:-1]).replace("'", '"')
225 res += ', "mount": "FAILED"'
228 res += ', "cygpath --windows ~": "' + Cygwin.bashExecute('cygpath --windows ~')[1].strip().replace('\\', '\\\\') + '"'
230 res += ', "cygpath --windows ~": "FAILED"'
233 res += ', "status message": "' + gvm_mgr.status_message.replace('"', "'") + '"'
237 # loading it into json and print it again ensures
238 # we really do have a valid RFC conform json string
239 # created (as long as the python json module is RFC conform)
240 return json.dumps(json.loads(res), indent = 4)
245 """OpenSecurity '/sdvms/[VM]' handler
247 - GET: Information about a specific SecurityVM
248 - DELETE: Remove a specific
252 log_call(web.ctx.environ)
254 return json.dumps(gvm_mgr.getVMInfo(name), indent = 4)
256 def DELETE(self, name):
257 log_call(web.ctx.environ)
259 return gvm_mgr.removeVM(name)
262 class os_sdvm_application:
263 """OpenSecurity '/sdvms/[VM]/application/[CMD]' handler
265 - GET: start application with given command in the VM.
268 def GET(self, name, command):
269 log_call(web.ctx.environ)
271 command = '/' + command
272 showTrayMessage('Launching application in isolated VM...', 7000)
273 Cygwin.sshExecuteX11(command, gvm_mgr.getHostOnlyIP(name), 'osecuser', Cygwin.cygPath(gvm_mgr.getMachineFolder()) + '/' + name + '/dvm_key' )
274 return 'Command ' + str(command) + ' started on VM "' + name + '" with IP ' + gvm_mgr.getHostOnlyIP(name)
278 """OpenSecurity '/sdvms/[VM]/ip' handler
280 - GET: give IP of SecurityVM.
284 log_call(web.ctx.environ)
286 return gvm_mgr.getHostOnlyIP(name)
290 """OpenSecurity '/sdvms/[VM]/start' handler
292 - GET: Start specific SecuirtyVM.
296 log_call(web.ctx.environ)
298 return gvm_mgr.startVM(name)
302 """OpenSecurity '/sdvms/[VM]/stop' handler
304 - GET: stop specific Secuirty VM.
308 log_call(web.ctx.environ)
310 return gvm_mgr.stopVM(name)
314 """OpenSecurity '/sdvms' handler
316 - GET: list all available secuirty VMs.
317 - POST: create new security vm.
321 """get the list of SDVMs"""
322 log_call(web.ctx.environ)
326 for sdvm in gvm_mgr.listSDVM():
327 d[sdvm] = gvm_mgr.getHostOnlyIP(sdvm)
329 return json.dumps(d, indent = 4)
332 """create a new SDVM"""
333 log_call(web.ctx.environ)
337 name = gvm_mgr.generateSDVMName()
339 gvm_mgr.createVM(name)
341 raise web.internalerror()
347 """OpenSecurity '/setup' handler
349 - GET: Give user some info how to setup the OpenSecurity environment
354 log_call(web.ctx.environ)
359 <h1>Setup OpenSecurity</h1>
360 In order to setup OpenSecurity an inital VM image has to be downloaded and imported:<br/>
362 <li>Download initial VM image: <a href="/fetch_initial_image">fetch_initial_image</a>
363 <li>Import initial VM: <a href="/init">init</a>
372 """OpenSecurity '/terminate' handler
374 - GET: terminate the opensecurityd.
376 TODO: need to find a better way doing this, and not via the
377 REST api. Maybe hack web.py server code?
381 log_call(web.ctx.environ)
390 """OpenSecurity '/initialize' handler
392 - GET: initialize / starts the vmmanager.
397 log_call(web.ctx.environ)
406 """OpenSecurity '/vms/[VM]' handler
408 - GET: list information of arbitrary VM.
412 log_call(web.ctx.environ)
414 return gvm_mgr.getVMInfo(name)
418 """OpenSecurity '/vms' handler
420 - GET: list all (also non Security) VMs.
424 log_call(web.ctx.environ)
426 return str(gvm_mgr.listVMS()).replace("'",'"')
429 def log_call(web_environ):
430 """log the incoming call to the REST api"""
432 call = 'REST ' + web_environ['REQUEST_METHOD'] + ' ' + web_environ['REQUEST_URI'] + ' from ' + web_environ['REMOTE_ADDR'] + ':' + web_environ['REMOTE_PORT']
439 """main startup for the opensecurityd"""
444 logger.debug('Starting OpenSecurity REST server')
446 # ensure a VMManger is yet loaded
447 gvm_mgr = vmmanager.VMManager.getInstance()
449 # tweak sys.argv to control wep.py server start behavior
450 sys.argv = [__file__, "8080"]
451 server = web.application(opensecurity_urls, globals(), autoreload = False)
454 logger.debug('Stopped OpenSecurity REST server')
458 """stop the opensecuirityd"""
460 # calling sys.exit() raises a SystemExit exception
461 # of the WSGI Server to let it wind down
466 if __name__ == "__main__":
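Review bot: `os_sdvm_application.GET` prepends `/` to the `command` captured from the URL and passes it to `Cygwin.sshExecuteX11` without checking it against a list of permitted applications, and no handler shown here authenticates the caller, so any request that reaches port 8080 can start programs in a VM or call `/terminate`, `/sdvms/[VM]/stop` and the other state-changing GET routes. The start-up line `sys.argv = [__file__, "8080"]` gives web.py only a port, which it binds on all interfaces by default; since every route comment says `localhost`, `sys.argv = [__file__, "127.0.0.1:8080"]` looks like the intended binding (confirm that no guest VM needs to reach this port). I would also check `name` against `gvm_mgr.listSDVM()` and `command` against an allow-list before use, and move the state-changing actions off GET so that cross-site requests from a browser on the host cannot trigger them. The page does not mark which lines this commit changed and many lines of the file are missing from the listing, so this applies to the file as shown rather than to a specific hunk.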